2 * Copyright (c) 2022, 2023 Stefan Sperling <stsp@openbsd.org>
4 * Permission to use, copy, modify, and distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 #include <sys/types.h>
18 #include <sys/queue.h>
20 #include <sys/socket.h>
35 #include "got_error.h"
36 #include "got_repository.h"
37 #include "got_object.h"
39 #include "got_reference.h"
40 #include "got_opentemp.h"
42 #include "got_lib_sha1.h"
43 #include "got_lib_delta.h"
44 #include "got_lib_object.h"
45 #include "got_lib_object_cache.h"
46 #include "got_lib_pack.h"
47 #include "got_lib_repository.h"
48 #include "got_lib_gitproto.h"
55 static struct gotd_session {
58 struct got_repository *repo;
61 struct gotd_imsgev parent_iev;
62 struct timeval request_timeout;
65 static struct gotd_session_client {
66 enum gotd_session_state state;
68 struct gotd_client_capability *capabilities;
74 struct gotd_imsgev iev;
75 struct gotd_imsgev repo_child_iev;
83 } gotd_session_client;
85 void gotd_session_sighdlr(int sig, short event, void *arg);
86 static void gotd_session_shutdown(void);
89 disconnect(struct gotd_session_client *client)
91 log_debug("uid %d: disconnecting", client->euid);
93 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
94 GOTD_IMSG_DISCONNECT, PROC_SESSION, -1, NULL, 0) == -1)
95 log_warn("imsg compose DISCONNECT");
97 imsg_clear(&client->repo_child_iev.ibuf);
98 event_del(&client->repo_child_iev.ev);
99 evtimer_del(&client->tmo);
101 if (client->delta_cache_fd != -1)
102 close(client->delta_cache_fd);
103 if (client->packfile_path) {
104 if (unlink(client->packfile_path) == -1 && errno != ENOENT)
105 log_warn("unlink %s: ", client->packfile_path);
106 free(client->packfile_path);
108 if (client->packidx_path) {
109 if (unlink(client->packidx_path) == -1 && errno != ENOENT)
110 log_warn("unlink %s: ", client->packidx_path);
111 free(client->packidx_path);
113 free(client->capabilities);
115 gotd_session_shutdown();
119 disconnect_on_error(struct gotd_session_client *client,
120 const struct got_error *err)
124 log_warnx("uid %d: %s", client->euid, err->msg);
125 if (err->code != GOT_ERR_EOF) {
126 imsg_init(&ibuf, client->fd);
127 gotd_imsg_send_error(&ibuf, 0, PROC_SESSION, err);
135 gotd_request_timeout(int fd, short events, void *arg)
137 struct gotd_session_client *client = arg;
139 log_debug("disconnecting uid %d due to timeout", client->euid);
144 gotd_session_sighdlr(int sig, short event, void *arg)
147 * Normal signal handler rules don't apply because libevent
153 log_info("%s: ignoring SIGHUP", __func__);
156 log_info("%s: ignoring SIGUSR1", __func__);
160 gotd_session_shutdown();
164 fatalx("unexpected signal");
168 static const struct got_error *
169 recv_packfile_done(uint32_t *client_id, struct imsg *imsg)
171 struct gotd_imsg_packfile_done idone;
174 log_debug("packfile-done received");
176 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
177 if (datalen != sizeof(idone))
178 return got_error(GOT_ERR_PRIVSEP_LEN);
179 memcpy(&idone, imsg->data, sizeof(idone));
181 *client_id = idone.client_id;
185 static const struct got_error *
186 recv_packfile_install(uint32_t *client_id, struct imsg *imsg)
188 struct gotd_imsg_packfile_install inst;
191 log_debug("packfile-install received");
193 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
194 if (datalen != sizeof(inst))
195 return got_error(GOT_ERR_PRIVSEP_LEN);
196 memcpy(&inst, imsg->data, sizeof(inst));
198 *client_id = inst.client_id;
202 static const struct got_error *
203 recv_ref_updates_start(uint32_t *client_id, struct imsg *imsg)
205 struct gotd_imsg_ref_updates_start istart;
208 log_debug("ref-updates-start received");
210 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
211 if (datalen != sizeof(istart))
212 return got_error(GOT_ERR_PRIVSEP_LEN);
213 memcpy(&istart, imsg->data, sizeof(istart));
215 *client_id = istart.client_id;
219 static const struct got_error *
220 recv_ref_update(uint32_t *client_id, struct imsg *imsg)
222 struct gotd_imsg_ref_update iref;
225 log_debug("ref-update received");
227 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
228 if (datalen < sizeof(iref))
229 return got_error(GOT_ERR_PRIVSEP_LEN);
230 memcpy(&iref, imsg->data, sizeof(iref));
232 *client_id = iref.client_id;
236 static const struct got_error *
237 send_ref_update_ok(struct gotd_session_client *client,
238 struct gotd_imsg_ref_update *iref, const char *refname)
240 struct gotd_imsg_ref_update_ok iok;
241 struct gotd_imsgev *iev = &client->iev;
245 memset(&iok, 0, sizeof(iok));
246 iok.client_id = client->id;
247 memcpy(iok.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
248 memcpy(iok.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
249 iok.name_len = strlen(refname);
251 len = sizeof(iok) + iok.name_len;
252 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_OK,
253 PROC_SESSION, gotd_session.pid, len);
255 return got_error_from_errno("imsg_create REF_UPDATE_OK");
257 if (imsg_add(wbuf, &iok, sizeof(iok)) == -1)
258 return got_error_from_errno("imsg_add REF_UPDATE_OK");
259 if (imsg_add(wbuf, refname, iok.name_len) == -1)
260 return got_error_from_errno("imsg_add REF_UPDATE_OK");
263 imsg_close(&iev->ibuf, wbuf);
264 gotd_imsg_event_add(iev);
269 send_refs_updated(struct gotd_session_client *client)
271 if (gotd_imsg_compose_event(&client->iev, GOTD_IMSG_REFS_UPDATED,
272 PROC_SESSION, -1, NULL, 0) == -1)
273 log_warn("imsg compose REFS_UPDATED");
276 static const struct got_error *
277 send_ref_update_ng(struct gotd_session_client *client,
278 struct gotd_imsg_ref_update *iref, const char *refname,
281 const struct got_error *ng_err;
282 struct gotd_imsg_ref_update_ng ing;
283 struct gotd_imsgev *iev = &client->iev;
287 memset(&ing, 0, sizeof(ing));
288 ing.client_id = client->id;
289 memcpy(ing.old_id, iref->old_id, SHA1_DIGEST_LENGTH);
290 memcpy(ing.new_id, iref->new_id, SHA1_DIGEST_LENGTH);
291 ing.name_len = strlen(refname);
293 ng_err = got_error_fmt(GOT_ERR_REF_BUSY, "%s", reason);
294 ing.reason_len = strlen(ng_err->msg);
296 len = sizeof(ing) + ing.name_len + ing.reason_len;
297 wbuf = imsg_create(&iev->ibuf, GOTD_IMSG_REF_UPDATE_NG,
298 PROC_SESSION, gotd_session.pid, len);
300 return got_error_from_errno("imsg_create REF_UPDATE_NG");
302 if (imsg_add(wbuf, &ing, sizeof(ing)) == -1)
303 return got_error_from_errno("imsg_add REF_UPDATE_NG");
304 if (imsg_add(wbuf, refname, ing.name_len) == -1)
305 return got_error_from_errno("imsg_add REF_UPDATE_NG");
306 if (imsg_add(wbuf, ng_err->msg, ing.reason_len) == -1)
307 return got_error_from_errno("imsg_add REF_UPDATE_NG");
310 imsg_close(&iev->ibuf, wbuf);
311 gotd_imsg_event_add(iev);
315 static const struct got_error *
316 install_pack(struct gotd_session_client *client, const char *repo_path,
319 const struct got_error *err = NULL;
320 struct gotd_imsg_packfile_install inst;
321 char hex[SHA1_DIGEST_STRING_LENGTH];
323 char *packfile_path = NULL, *packidx_path = NULL;
325 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
326 if (datalen != sizeof(inst))
327 return got_error(GOT_ERR_PRIVSEP_LEN);
328 memcpy(&inst, imsg->data, sizeof(inst));
330 if (client->packfile_path == NULL)
331 return got_error_msg(GOT_ERR_BAD_REQUEST,
332 "client has no pack file");
333 if (client->packidx_path == NULL)
334 return got_error_msg(GOT_ERR_BAD_REQUEST,
335 "client has no pack file index");
337 if (got_sha1_digest_to_str(inst.pack_sha1, hex, sizeof(hex)) == NULL)
338 return got_error_msg(GOT_ERR_NO_SPACE,
339 "could not convert pack file SHA1 to hex");
341 if (asprintf(&packfile_path, "/%s/%s/pack-%s.pack",
342 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
343 err = got_error_from_errno("asprintf");
347 if (asprintf(&packidx_path, "/%s/%s/pack-%s.idx",
348 repo_path, GOT_OBJECTS_PACK_DIR, hex) == -1) {
349 err = got_error_from_errno("asprintf");
353 if (rename(client->packfile_path, packfile_path) == -1) {
354 err = got_error_from_errno3("rename", client->packfile_path,
359 free(client->packfile_path);
360 client->packfile_path = NULL;
362 if (rename(client->packidx_path, packidx_path) == -1) {
363 err = got_error_from_errno3("rename", client->packidx_path,
368 free(client->packidx_path);
369 client->packidx_path = NULL;
376 static const struct got_error *
377 begin_ref_updates(struct gotd_session_client *client, struct imsg *imsg)
379 struct gotd_imsg_ref_updates_start istart;
382 if (client->nref_updates != -1)
383 return got_error(GOT_ERR_PRIVSEP_MSG);
385 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
386 if (datalen != sizeof(istart))
387 return got_error(GOT_ERR_PRIVSEP_LEN);
388 memcpy(&istart, imsg->data, sizeof(istart));
390 if (istart.nref_updates <= 0)
391 return got_error(GOT_ERR_PRIVSEP_MSG);
393 client->nref_updates = istart.nref_updates;
397 static const struct got_error *
398 update_ref(int *shut, struct gotd_session_client *client,
399 const char *repo_path, struct imsg *imsg)
401 const struct got_error *err = NULL;
402 struct got_repository *repo = NULL;
403 struct got_reference *ref = NULL;
404 struct gotd_imsg_ref_update iref;
405 struct got_object_id old_id, new_id;
406 struct got_object_id *id = NULL;
407 struct got_object *obj = NULL;
408 char *refname = NULL;
412 log_debug("update-ref from uid %d", client->euid);
414 if (client->nref_updates <= 0)
415 return got_error(GOT_ERR_PRIVSEP_MSG);
417 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
418 if (datalen < sizeof(iref))
419 return got_error(GOT_ERR_PRIVSEP_LEN);
420 memcpy(&iref, imsg->data, sizeof(iref));
421 if (datalen != sizeof(iref) + iref.name_len)
422 return got_error(GOT_ERR_PRIVSEP_LEN);
423 refname = strndup(imsg->data + sizeof(iref), iref.name_len);
425 return got_error_from_errno("strndup");
427 log_debug("updating ref %s for uid %d", refname, client->euid);
429 err = got_repo_open(&repo, repo_path, NULL, NULL);
433 memcpy(old_id.sha1, iref.old_id, SHA1_DIGEST_LENGTH);
434 memcpy(new_id.sha1, iref.new_id, SHA1_DIGEST_LENGTH);
435 err = got_object_open(&obj, repo,
436 iref.delete_ref ? &old_id : &new_id);
440 if (iref.ref_is_new) {
441 err = got_ref_open(&ref, repo, refname, 0);
443 if (err->code != GOT_ERR_NOT_REF)
445 err = got_ref_alloc(&ref, refname, &new_id);
448 err = got_ref_write(ref, repo); /* will lock/unlock */
452 err = got_error_fmt(GOT_ERR_REF_BUSY,
453 "%s has been created by someone else "
454 "while transaction was in progress",
455 got_ref_get_name(ref));
458 } else if (iref.delete_ref) {
459 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
464 err = got_ref_resolve(&id, repo, ref);
468 if (got_object_id_cmp(id, &old_id) != 0) {
469 err = got_error_fmt(GOT_ERR_REF_BUSY,
470 "%s has been modified by someone else "
471 "while transaction was in progress",
472 got_ref_get_name(ref));
476 err = got_ref_delete(ref, repo);
483 err = got_ref_open(&ref, repo, refname, 1 /* lock */);
488 err = got_ref_resolve(&id, repo, ref);
492 if (got_object_id_cmp(id, &old_id) != 0) {
493 err = got_error_fmt(GOT_ERR_REF_BUSY,
494 "%s has been modified by someone else "
495 "while transaction was in progress",
496 got_ref_get_name(ref));
500 err = got_ref_change_ref(ref, &new_id);
504 err = got_ref_write(ref, repo);
513 if (err->code == GOT_ERR_LOCKFILE_TIMEOUT) {
514 err = got_error_fmt(GOT_ERR_LOCKFILE_TIMEOUT,
515 "could not acquire exclusive file lock for %s",
518 send_ref_update_ng(client, &iref, refname, err->msg);
520 send_ref_update_ok(client, &iref, refname);
522 if (client->nref_updates > 0) {
523 client->nref_updates--;
524 if (client->nref_updates == 0) {
525 send_refs_updated(client);
531 const struct got_error *unlock_err;
532 unlock_err = got_ref_unlock(ref);
533 if (unlock_err && err == NULL)
539 got_object_close(obj);
541 got_repo_close(repo);
548 session_dispatch_repo_child(int fd, short event, void *arg)
550 struct gotd_imsgev *iev = arg;
551 struct imsgbuf *ibuf = &iev->ibuf;
552 struct gotd_session_client *client = &gotd_session_client;
557 if (event & EV_READ) {
558 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
559 fatal("imsg_read error");
561 /* Connection closed. */
567 if (event & EV_WRITE) {
568 n = msgbuf_write(&ibuf->w);
569 if (n == -1 && errno != EAGAIN)
570 fatal("msgbuf_write");
572 /* Connection closed. */
579 const struct got_error *err = NULL;
580 uint32_t client_id = 0;
581 int do_disconnect = 0;
582 int do_ref_updates = 0, do_ref_update = 0;
583 int do_packfile_install = 0;
585 if ((n = imsg_get(ibuf, &imsg)) == -1)
586 fatal("%s: imsg_get error", __func__);
587 if (n == 0) /* No more messages. */
590 switch (imsg.hdr.type) {
591 case GOTD_IMSG_ERROR:
593 err = gotd_imsg_recv_error(&client_id, &imsg);
595 case GOTD_IMSG_PACKFILE_DONE:
597 err = recv_packfile_done(&client_id, &imsg);
599 case GOTD_IMSG_PACKFILE_INSTALL:
600 err = recv_packfile_install(&client_id, &imsg);
602 do_packfile_install = 1;
604 case GOTD_IMSG_REF_UPDATES_START:
605 err = recv_ref_updates_start(&client_id, &imsg);
609 case GOTD_IMSG_REF_UPDATE:
610 err = recv_ref_update(&client_id, &imsg);
615 log_debug("unexpected imsg %d", imsg.hdr.type);
621 disconnect_on_error(client, err);
625 if (do_packfile_install)
626 err = install_pack(client,
627 gotd_session.repo->path, &imsg);
628 else if (do_ref_updates)
629 err = begin_ref_updates(client, &imsg);
630 else if (do_ref_update)
631 err = update_ref(&shut, client,
632 gotd_session.repo->path, &imsg);
634 log_warnx("uid %d: %s", client->euid, err->msg);
640 gotd_imsg_event_add(iev);
642 /* This pipe is dead. Remove its event handler */
644 event_loopexit(NULL);
648 static const struct got_error *
649 recv_capabilities(struct gotd_session_client *client, struct imsg *imsg)
651 struct gotd_imsg_capabilities icapas;
654 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
655 if (datalen != sizeof(icapas))
656 return got_error(GOT_ERR_PRIVSEP_LEN);
657 memcpy(&icapas, imsg->data, sizeof(icapas));
659 client->ncapa_alloc = icapas.ncapabilities;
660 client->capabilities = calloc(client->ncapa_alloc,
661 sizeof(*client->capabilities));
662 if (client->capabilities == NULL) {
663 client->ncapa_alloc = 0;
664 return got_error_from_errno("calloc");
667 log_debug("expecting %zu capabilities from uid %d",
668 client->ncapa_alloc, client->euid);
672 static const struct got_error *
673 recv_capability(struct gotd_session_client *client, struct imsg *imsg)
675 struct gotd_imsg_capability icapa;
676 struct gotd_client_capability *capa;
678 char *key, *value = NULL;
680 if (client->capabilities == NULL ||
681 client->ncapabilities >= client->ncapa_alloc) {
682 return got_error_msg(GOT_ERR_BAD_REQUEST,
683 "unexpected capability received");
686 memset(&icapa, 0, sizeof(icapa));
688 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
689 if (datalen < sizeof(icapa))
690 return got_error(GOT_ERR_PRIVSEP_LEN);
691 memcpy(&icapa, imsg->data, sizeof(icapa));
693 if (datalen != sizeof(icapa) + icapa.key_len + icapa.value_len)
694 return got_error(GOT_ERR_PRIVSEP_LEN);
696 key = strndup(imsg->data + sizeof(icapa), icapa.key_len);
698 return got_error_from_errno("strndup");
699 if (icapa.value_len > 0) {
700 value = strndup(imsg->data + sizeof(icapa) + icapa.key_len,
704 return got_error_from_errno("strndup");
708 capa = &client->capabilities[client->ncapabilities++];
713 log_debug("uid %d: capability %s=%s", client->euid, key, value);
715 log_debug("uid %d: capability %s", client->euid, key);
720 static const struct got_error *
721 ensure_client_is_reading(struct gotd_session_client *client)
723 if (client->is_writing) {
724 return got_error_fmt(GOT_ERR_BAD_PACKET,
725 "uid %d made a read-request but is not reading from "
726 "a repository", client->euid);
732 static const struct got_error *
733 ensure_client_is_writing(struct gotd_session_client *client)
735 if (!client->is_writing) {
736 return got_error_fmt(GOT_ERR_BAD_PACKET,
737 "uid %d made a write-request but is not writing to "
738 "a repository", client->euid);
744 static const struct got_error *
745 forward_want(struct gotd_session_client *client, struct imsg *imsg)
747 struct gotd_imsg_want ireq;
748 struct gotd_imsg_want iwant;
751 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
752 if (datalen != sizeof(ireq))
753 return got_error(GOT_ERR_PRIVSEP_LEN);
755 memcpy(&ireq, imsg->data, datalen);
757 memset(&iwant, 0, sizeof(iwant));
758 memcpy(iwant.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
759 iwant.client_id = client->id;
761 if (gotd_imsg_compose_event(&client->repo_child_iev, GOTD_IMSG_WANT,
762 PROC_SESSION, -1, &iwant, sizeof(iwant)) == -1)
763 return got_error_from_errno("imsg compose WANT");
768 static const struct got_error *
769 forward_ref_update(struct gotd_session_client *client, struct imsg *imsg)
771 const struct got_error *err = NULL;
772 struct gotd_imsg_ref_update ireq;
773 struct gotd_imsg_ref_update *iref = NULL;
776 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
777 if (datalen < sizeof(ireq))
778 return got_error(GOT_ERR_PRIVSEP_LEN);
779 memcpy(&ireq, imsg->data, sizeof(ireq));
780 if (datalen != sizeof(ireq) + ireq.name_len)
781 return got_error(GOT_ERR_PRIVSEP_LEN);
783 iref = malloc(datalen);
785 return got_error_from_errno("malloc");
786 memcpy(iref, imsg->data, datalen);
788 iref->client_id = client->id;
789 if (gotd_imsg_compose_event(&client->repo_child_iev,
790 GOTD_IMSG_REF_UPDATE, PROC_SESSION, -1, iref, datalen) == -1)
791 err = got_error_from_errno("imsg compose REF_UPDATE");
796 static const struct got_error *
797 forward_have(struct gotd_session_client *client, struct imsg *imsg)
799 struct gotd_imsg_have ireq;
800 struct gotd_imsg_have ihave;
803 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
804 if (datalen != sizeof(ireq))
805 return got_error(GOT_ERR_PRIVSEP_LEN);
807 memcpy(&ireq, imsg->data, datalen);
809 memset(&ihave, 0, sizeof(ihave));
810 memcpy(ihave.object_id, ireq.object_id, SHA1_DIGEST_LENGTH);
811 ihave.client_id = client->id;
813 if (gotd_imsg_compose_event(&client->repo_child_iev, GOTD_IMSG_HAVE,
814 PROC_SESSION, -1, &ihave, sizeof(ihave)) == -1)
815 return got_error_from_errno("imsg compose HAVE");
821 client_has_capability(struct gotd_session_client *client, const char *capastr)
823 struct gotd_client_capability *capa;
826 if (client->ncapabilities == 0)
829 for (i = 0; i < client->ncapabilities; i++) {
830 capa = &client->capabilities[i];
831 if (strcmp(capa->key, capastr) == 0)
838 static const struct got_error *
839 recv_packfile(struct gotd_session_client *client)
841 const struct got_error *err = NULL;
842 struct gotd_imsg_recv_packfile ipack;
843 struct gotd_imsg_packfile_pipe ipipe;
844 struct gotd_imsg_packidx_file ifile;
845 char *basepath = NULL, *pack_path = NULL, *idx_path = NULL;
846 int packfd = -1, idxfd = -1;
847 int pipe[2] = { -1, -1 };
849 if (client->packfile_path) {
850 return got_error_fmt(GOT_ERR_PRIVSEP_MSG,
851 "uid %d already has a pack file", client->euid);
854 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
855 return got_error_from_errno("socketpair");
857 memset(&ipipe, 0, sizeof(ipipe));
858 ipipe.client_id = client->id;
860 /* Send pack pipe end 0 to repo child process. */
861 if (gotd_imsg_compose_event(&client->repo_child_iev,
862 GOTD_IMSG_PACKFILE_PIPE, PROC_SESSION, pipe[0],
863 &ipipe, sizeof(ipipe)) == -1) {
864 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
870 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
871 if (gotd_imsg_compose_event(&client->iev,
872 GOTD_IMSG_PACKFILE_PIPE, PROC_SESSION, pipe[1], NULL, 0) == -1)
873 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
876 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.pack",
877 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
878 client->euid) == -1) {
879 err = got_error_from_errno("asprintf");
883 err = got_opentemp_named_fd(&pack_path, &packfd, basepath, "");
888 if (asprintf(&basepath, "%s/%s/receiving-from-uid-%d.idx",
889 got_repo_get_path(gotd_session.repo), GOT_OBJECTS_PACK_DIR,
890 client->euid) == -1) {
891 err = got_error_from_errno("asprintf");
895 err = got_opentemp_named_fd(&idx_path, &idxfd, basepath, "");
899 memset(&ifile, 0, sizeof(ifile));
900 ifile.client_id = client->id;
901 if (gotd_imsg_compose_event(&client->repo_child_iev,
902 GOTD_IMSG_PACKIDX_FILE, PROC_SESSION,
903 idxfd, &ifile, sizeof(ifile)) == -1) {
904 err = got_error_from_errno("imsg compose PACKIDX_FILE");
910 memset(&ipack, 0, sizeof(ipack));
911 ipack.client_id = client->id;
912 if (client_has_capability(client, GOT_CAPA_REPORT_STATUS))
913 ipack.report_status = 1;
915 if (gotd_imsg_compose_event(&client->repo_child_iev,
916 GOTD_IMSG_RECV_PACKFILE, PROC_SESSION, packfd,
917 &ipack, sizeof(ipack)) == -1) {
918 err = got_error_from_errno("imsg compose RECV_PACKFILE");
926 if (pipe[0] != -1 && close(pipe[0]) == -1 && err == NULL)
927 err = got_error_from_errno("close");
928 if (pipe[1] != -1 && close(pipe[1]) == -1 && err == NULL)
929 err = got_error_from_errno("close");
930 if (packfd != -1 && close(packfd) == -1 && err == NULL)
931 err = got_error_from_errno("close");
932 if (idxfd != -1 && close(idxfd) == -1 && err == NULL)
933 err = got_error_from_errno("close");
938 client->packfile_path = pack_path;
939 client->packidx_path = idx_path;
944 static const struct got_error *
945 send_packfile(struct gotd_session_client *client)
947 const struct got_error *err = NULL;
948 struct gotd_imsg_send_packfile ipack;
949 struct gotd_imsg_packfile_pipe ipipe;
952 if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe) == -1)
953 return got_error_from_errno("socketpair");
955 memset(&ipack, 0, sizeof(ipack));
956 memset(&ipipe, 0, sizeof(ipipe));
958 ipack.client_id = client->id;
959 if (client_has_capability(client, GOT_CAPA_SIDE_BAND_64K))
960 ipack.report_progress = 1;
962 client->delta_cache_fd = got_opentempfd();
963 if (client->delta_cache_fd == -1)
964 return got_error_from_errno("got_opentempfd");
966 if (gotd_imsg_compose_event(&client->repo_child_iev,
967 GOTD_IMSG_SEND_PACKFILE, PROC_GOTD, client->delta_cache_fd,
968 &ipack, sizeof(ipack)) == -1) {
969 err = got_error_from_errno("imsg compose SEND_PACKFILE");
975 ipipe.client_id = client->id;
977 /* Send pack pipe end 0 to repo child process. */
978 if (gotd_imsg_compose_event(&client->repo_child_iev,
979 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD,
980 pipe[0], &ipipe, sizeof(ipipe)) == -1) {
981 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
986 /* Send pack pipe end 1 to gotsh(1) (expects just an fd, no data). */
987 if (gotd_imsg_compose_event(&client->iev,
988 GOTD_IMSG_PACKFILE_PIPE, PROC_GOTD, pipe[1], NULL, 0) == -1)
989 err = got_error_from_errno("imsg compose PACKFILE_PIPE");
995 session_dispatch_listener(int fd, short events, void *arg)
997 struct gotd_imsgev *iev = arg;
998 struct imsgbuf *ibuf = &iev->ibuf;
999 struct gotd_session_client *client = &gotd_session_client;
1000 const struct got_error *err = NULL;
1004 if (events & EV_WRITE) {
1005 while (ibuf->w.queued) {
1006 n = msgbuf_write(&ibuf->w);
1007 if (n == -1 && errno == EPIPE) {
1009 * The client has closed its socket.
1010 * This can happen when Git clients are
1011 * done sending pack file data.
1013 msgbuf_clear(&ibuf->w);
1015 } else if (n == -1 && errno != EAGAIN) {
1016 err = got_error_from_errno("imsg_flush");
1017 disconnect_on_error(client, err);
1021 /* Connection closed. */
1022 err = got_error(GOT_ERR_EOF);
1023 disconnect_on_error(client, err);
1029 if ((events & EV_READ) == 0)
1032 memset(&imsg, 0, sizeof(imsg));
1034 while (err == NULL) {
1035 err = gotd_imsg_recv(&imsg, ibuf, 0);
1037 if (err->code == GOT_ERR_PRIVSEP_READ)
1042 evtimer_del(&client->tmo);
1044 switch (imsg.hdr.type) {
1045 case GOTD_IMSG_CAPABILITIES:
1046 if (client->state != GOTD_STATE_EXPECT_CAPABILITIES) {
1047 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1048 "unexpected capabilities received");
1051 log_debug("receiving capabilities from uid %d",
1053 err = recv_capabilities(client, &imsg);
1055 case GOTD_IMSG_CAPABILITY:
1056 if (client->state != GOTD_STATE_EXPECT_CAPABILITIES) {
1057 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1058 "unexpected capability received");
1061 err = recv_capability(client, &imsg);
1062 if (err || client->ncapabilities < client->ncapa_alloc)
1064 if (!client->is_writing) {
1065 client->state = GOTD_STATE_EXPECT_WANT;
1066 client->accept_flush_pkt = 1;
1067 log_debug("uid %d: expecting want-lines",
1069 } else if (client->is_writing) {
1070 client->state = GOTD_STATE_EXPECT_REF_UPDATE;
1071 client->accept_flush_pkt = 1;
1072 log_debug("uid %d: expecting ref-update-lines",
1075 fatalx("client %d is both reading and writing",
1078 case GOTD_IMSG_WANT:
1079 if (client->state != GOTD_STATE_EXPECT_WANT) {
1080 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1081 "unexpected want-line received");
1084 log_debug("received want-line from uid %d",
1086 err = ensure_client_is_reading(client);
1089 client->accept_flush_pkt = 1;
1090 err = forward_want(client, &imsg);
1092 case GOTD_IMSG_REF_UPDATE:
1093 if (client->state != GOTD_STATE_EXPECT_REF_UPDATE &&
1095 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1096 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1097 "unexpected ref-update-line received");
1100 log_debug("received ref-update-line from uid %d",
1102 err = ensure_client_is_writing(client);
1105 err = forward_ref_update(client, &imsg);
1108 client->state = GOTD_STATE_EXPECT_MORE_REF_UPDATES;
1109 client->accept_flush_pkt = 1;
1111 case GOTD_IMSG_HAVE:
1112 if (client->state != GOTD_STATE_EXPECT_HAVE) {
1113 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1114 "unexpected have-line received");
1117 log_debug("received have-line from uid %d",
1119 err = ensure_client_is_reading(client);
1122 err = forward_have(client, &imsg);
1125 client->accept_flush_pkt = 1;
1127 case GOTD_IMSG_FLUSH:
1128 if (client->state == GOTD_STATE_EXPECT_WANT ||
1129 client->state == GOTD_STATE_EXPECT_HAVE) {
1130 err = ensure_client_is_reading(client);
1133 } else if (client->state ==
1134 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1135 err = ensure_client_is_writing(client);
1138 } else if (client->state != GOTD_STATE_EXPECT_DONE) {
1139 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1140 "unexpected flush-pkt received");
1143 if (!client->accept_flush_pkt) {
1144 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1145 "unexpected flush-pkt received");
1150 * Accept just one flush packet at a time.
1151 * Future client state transitions will set this flag
1152 * again if another flush packet is expected.
1154 client->accept_flush_pkt = 0;
1156 log_debug("received flush-pkt from uid %d",
1158 if (client->state == GOTD_STATE_EXPECT_WANT) {
1159 client->state = GOTD_STATE_EXPECT_HAVE;
1160 log_debug("uid %d: expecting have-lines",
1162 } else if (client->state == GOTD_STATE_EXPECT_HAVE) {
1163 client->state = GOTD_STATE_EXPECT_DONE;
1164 client->accept_flush_pkt = 1;
1165 log_debug("uid %d: expecting 'done'",
1167 } else if (client->state ==
1168 GOTD_STATE_EXPECT_MORE_REF_UPDATES) {
1169 client->state = GOTD_STATE_EXPECT_PACKFILE;
1170 log_debug("uid %d: expecting packfile",
1172 err = recv_packfile(client);
1173 } else if (client->state != GOTD_STATE_EXPECT_DONE) {
1174 /* should not happen, see above */
1175 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1176 "unexpected client state");
1180 case GOTD_IMSG_DONE:
1181 if (client->state != GOTD_STATE_EXPECT_HAVE &&
1182 client->state != GOTD_STATE_EXPECT_DONE) {
1183 err = got_error_msg(GOT_ERR_BAD_REQUEST,
1184 "unexpected flush-pkt received");
1187 log_debug("received 'done' from uid %d", client->euid);
1188 err = ensure_client_is_reading(client);
1191 client->state = GOTD_STATE_DONE;
1192 client->accept_flush_pkt = 1;
1193 err = send_packfile(client);
1196 log_debug("unexpected imsg %d", imsg.hdr.type);
1197 err = got_error(GOT_ERR_PRIVSEP_MSG);
1205 if (err->code != GOT_ERR_EOF ||
1206 client->state != GOTD_STATE_EXPECT_PACKFILE)
1207 disconnect_on_error(client, err);
1209 gotd_imsg_event_add(iev);
1210 evtimer_add(&client->tmo, &gotd_session.request_timeout);
1214 static const struct got_error *
1215 list_refs_request(void)
1217 static const struct got_error *err;
1218 struct gotd_session_client *client = &gotd_session_client;
1219 struct gotd_imsgev *iev = &client->repo_child_iev;
1220 struct gotd_imsg_list_refs_internal ilref;
1223 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1224 return got_error(GOT_ERR_PRIVSEP_MSG);
1226 memset(&ilref, 0, sizeof(ilref));
1227 ilref.client_id = client->id;
1229 fd = dup(client->fd);
1231 return got_error_from_errno("dup");
1233 if (gotd_imsg_compose_event(iev, GOTD_IMSG_LIST_REFS_INTERNAL,
1234 PROC_SESSION, fd, &ilref, sizeof(ilref)) == -1) {
1235 err = got_error_from_errno("imsg compose LIST_REFS_INTERNAL");
1240 client->state = GOTD_STATE_EXPECT_CAPABILITIES;
1241 log_debug("uid %d: expecting capabilities", client->euid);
1245 static const struct got_error *
1246 recv_connect(struct imsg *imsg)
1248 struct gotd_session_client *client = &gotd_session_client;
1249 struct gotd_imsg_connect iconnect;
1252 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1253 return got_error(GOT_ERR_PRIVSEP_MSG);
1255 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1256 if (datalen != sizeof(iconnect))
1257 return got_error(GOT_ERR_PRIVSEP_LEN);
1258 memcpy(&iconnect, imsg->data, sizeof(iconnect));
1261 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1263 client->fd = imsg->fd;
1264 client->euid = iconnect.euid;
1265 client->egid = iconnect.egid;
1267 imsg_init(&client->iev.ibuf, client->fd);
1268 client->iev.handler = session_dispatch_listener;
1269 client->iev.events = EV_READ;
1270 client->iev.handler_arg = NULL;
1271 event_set(&client->iev.ev, client->iev.ibuf.fd, EV_READ,
1272 session_dispatch_listener, &client->iev);
1273 gotd_imsg_event_add(&client->iev);
1274 evtimer_set(&client->tmo, gotd_request_timeout, client);
1279 static const struct got_error *
1280 recv_repo_child(struct imsg *imsg)
1282 struct gotd_imsg_connect_repo_child ichild;
1283 struct gotd_session_client *client = &gotd_session_client;
1286 if (client->state != GOTD_STATE_EXPECT_LIST_REFS)
1287 return got_error(GOT_ERR_PRIVSEP_MSG);
1289 /* We should already have received a pipe to the listener. */
1290 if (client->fd == -1)
1291 return got_error(GOT_ERR_PRIVSEP_MSG);
1293 datalen = imsg->hdr.len - IMSG_HEADER_SIZE;
1294 if (datalen != sizeof(ichild))
1295 return got_error(GOT_ERR_PRIVSEP_LEN);
1297 memcpy(&ichild, imsg->data, sizeof(ichild));
1299 client->id = ichild.client_id;
1300 if (ichild.proc_id == PROC_REPO_WRITE)
1301 client->is_writing = 1;
1302 else if (ichild.proc_id == PROC_REPO_READ)
1303 client->is_writing = 0;
1305 return got_error_msg(GOT_ERR_PRIVSEP_MSG,
1306 "bad child process type");
1309 return got_error(GOT_ERR_PRIVSEP_NO_FD);
1311 imsg_init(&client->repo_child_iev.ibuf, imsg->fd);
1312 client->repo_child_iev.handler = session_dispatch_repo_child;
1313 client->repo_child_iev.events = EV_READ;
1314 client->repo_child_iev.handler_arg = NULL;
1315 event_set(&client->repo_child_iev.ev, client->repo_child_iev.ibuf.fd,
1316 EV_READ, session_dispatch_repo_child, &client->repo_child_iev);
1317 gotd_imsg_event_add(&client->repo_child_iev);
1319 /* The "recvfd" pledge promise is no longer needed. */
1320 if (pledge("stdio rpath wpath cpath sendfd fattr flock", NULL) == -1)
1327 session_dispatch(int fd, short event, void *arg)
1329 struct gotd_imsgev *iev = arg;
1330 struct imsgbuf *ibuf = &iev->ibuf;
1331 struct gotd_session_client *client = &gotd_session_client;
1336 if (event & EV_READ) {
1337 if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
1338 fatal("imsg_read error");
1340 /* Connection closed. */
1346 if (event & EV_WRITE) {
1347 n = msgbuf_write(&ibuf->w);
1348 if (n == -1 && errno != EAGAIN)
1349 fatal("msgbuf_write");
1351 /* Connection closed. */
1358 const struct got_error *err = NULL;
1359 uint32_t client_id = 0;
1360 int do_disconnect = 0, do_list_refs = 0;
1362 if ((n = imsg_get(ibuf, &imsg)) == -1)
1363 fatal("%s: imsg_get error", __func__);
1364 if (n == 0) /* No more messages. */
1367 switch (imsg.hdr.type) {
1368 case GOTD_IMSG_ERROR:
1370 err = gotd_imsg_recv_error(&client_id, &imsg);
1372 case GOTD_IMSG_CONNECT:
1373 err = recv_connect(&imsg);
1375 case GOTD_IMSG_DISCONNECT:
1378 case GOTD_IMSG_CONNECT_REPO_CHILD:
1379 err = recv_repo_child(&imsg);
1385 log_debug("unexpected imsg %d", imsg.hdr.type);
1390 if (do_disconnect) {
1392 disconnect_on_error(client, err);
1395 } else if (do_list_refs)
1396 err = list_refs_request();
1399 log_warnx("uid %d: %s", client->euid, err->msg);
1403 gotd_imsg_event_add(iev);
1405 /* This pipe is dead. Remove its event handler */
1406 event_del(&iev->ev);
1407 event_loopexit(NULL);
1412 session_main(const char *title, const char *repo_path,
1413 int *pack_fds, int *temp_fds, struct timeval *request_timeout)
1415 const struct got_error *err = NULL;
1416 struct event evsigint, evsigterm, evsighup, evsigusr1;
1418 gotd_session.title = title;
1419 gotd_session.pid = getpid();
1420 gotd_session.pack_fds = pack_fds;
1421 gotd_session.temp_fds = temp_fds;
1422 memcpy(&gotd_session.request_timeout, request_timeout,
1423 sizeof(gotd_session.request_timeout));
1425 err = got_repo_open(&gotd_session.repo, repo_path, NULL, pack_fds);
1428 if (!got_repo_is_bare(gotd_session.repo)) {
1429 err = got_error_msg(GOT_ERR_NOT_GIT_REPO,
1430 "bare git repository required");
1434 got_repo_temp_fds_set(gotd_session.repo, temp_fds);
1436 signal_set(&evsigint, SIGINT, gotd_session_sighdlr, NULL);
1437 signal_set(&evsigterm, SIGTERM, gotd_session_sighdlr, NULL);
1438 signal_set(&evsighup, SIGHUP, gotd_session_sighdlr, NULL);
1439 signal_set(&evsigusr1, SIGUSR1, gotd_session_sighdlr, NULL);
1440 signal(SIGPIPE, SIG_IGN);
1442 signal_add(&evsigint, NULL);
1443 signal_add(&evsigterm, NULL);
1444 signal_add(&evsighup, NULL);
1445 signal_add(&evsigusr1, NULL);
1447 gotd_session_client.state = GOTD_STATE_EXPECT_LIST_REFS;
1448 gotd_session_client.fd = -1;
1449 gotd_session_client.nref_updates = -1;
1450 gotd_session_client.delta_cache_fd = -1;
1451 gotd_session_client.accept_flush_pkt = 1;
1453 imsg_init(&gotd_session.parent_iev.ibuf, GOTD_FILENO_MSG_PIPE);
1454 gotd_session.parent_iev.handler = session_dispatch;
1455 gotd_session.parent_iev.events = EV_READ;
1456 gotd_session.parent_iev.handler_arg = NULL;
1457 event_set(&gotd_session.parent_iev.ev, gotd_session.parent_iev.ibuf.fd,
1458 EV_READ, session_dispatch, &gotd_session.parent_iev);
1459 if (gotd_imsg_compose_event(&gotd_session.parent_iev,
1460 GOTD_IMSG_CLIENT_SESSION_READY, PROC_SESSION, -1, NULL, 0) == -1) {
1461 err = got_error_from_errno("imsg compose CLIENT_SESSION_READY");
1468 log_warnx("%s: %s", title, err->msg);
1469 gotd_session_shutdown();
1473 gotd_session_shutdown(void)
1475 log_debug("%s: shutting down", gotd_session.title);
1476 if (gotd_session.repo)
1477 got_repo_close(gotd_session.repo);
1478 got_repo_pack_fds_close(gotd_session.pack_fds);
1479 got_repo_temp_fds_close(gotd_session.temp_fds);